How to protect yourself from the deadly ‘Ransomware’ Virus?

UPDATE: 13th May 2017: A new ransomware has been identified known as Wannacry Ransomware, which has affected many countries in Asia, Europe, and America. It is a type of Encrypting Ransomware (hopefully, the least effective ransomware, check the article to know more about Encrypting Ransomware) that only targets your files, and encrypts them so that you cannot access it. If you are under attack, you can use the solution provided inside the article for Encrypting Ransomware.

The rate of computer viruses is increasing day by day with the emergence of new coding technologies. The latest and probably the biggest threat to the internet browsers is a Malware termed as ‘Ransomware.’ It is a virus that is continuing to become computer nightmares till date.

So, what exactly is this Ransomware? And How to Protect yourself from it?

In today’s article, I am going to discuss Ransomware in detail. I will make you aware of its working mechanism and tell you some of the easiest ways to protect yourself from becoming a Ransomware victim.

Also, if you are already under attack and reading this article, don’t worry. I will also discuss necessary steps to recover back your files and your computer access.

Let’s start by discussing what exactly is a ransomware.

What is Ransomware?

Well, as you have already guessed, Ransomware has something to do with Ransom.

What is Ransom?

Ransom is a sum of money demanded by a kidnapper against the release of the kidnapped person.

Likewise, Ransomware is a Malware that encrypts all your computer files and software and demands money against your PC access.

The virus will totally lock down your computer, and you cannot access any of the files or software installed.

The virus is coded in a way that it attacks the system and takes control over it.

What’s more dangerous? Once it infects your system, even a powerful antivirus cannot recover the files for you. They can only remove the virus file at best, not the encryption.

To be exact, there is almost no process available to regain your ransomware-encrypted files in any ways other than paying money and fulfilling their demands. (Notice I said ‘almost,’ because there are some limited ways available, which does not fully guarantee that it can recover 100% of your encrypted files, I will discuss them later in the article)

I guess you have got a decent idea about Ransomware by now and understood how fatal it can be.

If you keep your study materials inside your computer and don’t have any backups, then it will be a nightmare if you face a Ransomware attack at night just before exams.

No matter how hard you scream, nobody is going to help you out if you ever fell into this ransomware trap.

Is paying Ransom a Solution?

This might be necessary for someone who has some valuable documents inside their computer hard drive. You may want to spend the money desperately.

But, is paying the ransom safe? Should you pay them money to get back access to your computer?

The answer is a big ‘NO.’

There are reasons behind this.

Firstly, it is totally unethical and illegal in most of the countries (if not all, I am not sure about laws in all countries). If you pay them money, then, indirectly, you are supporting those people who are taking the money, and hence, you are committing a cyber crime.

Additionally, you are proving the criminals that this method of taking money works and hence they will continue to infect other people like you.

Secondly, the sum of money is well above your expectations. Most of the ransomware asks payments in the form of bitcoins, the universal anonymous currency, where you cannot know the details of the other party, and you just transfer money using the bitcoin address. Now, the value of bitcoins is huge and regarding local currency, it is going to burn your pockets.

The amount of ransom can be any amount from 100$ to 1000$ or even more.

Thirdly, even if you pay the price somehow and hope for getting your access back, there is no guarantee at all that they will keep their word and give you access. Because it is a malware and controlled by them, they have the power to do anything they want. Suppose you pay ransom to a kidnapper, it does not guarantee that the kidnapper will release the captive, does it?

Hence, paying upfront is not at all a clever act.

So, now the question comes to safety. How can you save yourself from such a devastating ransomware virus attack?

Check up your Internet Downloads:

The first connecting link is your Internet Downloads. Whenever you decide to download a file from the internet via your web browser, you are risking your PC to getting infected.

So, always do a pre-check up to ensure you are downloading files from trusted sources.

If you are a torrent lover, then always download torrents from verified websites. Try to read reviews before downloading a torrent file.

I have often found fake movie torrents with the file extension .exe after movie name. Clearly, that is an executable file and not media, and if you execute that file, nobody knows what will be carried out by the software.

Downloading files from 3rd party file-hosting sites is another source of ransomware infection. Usually, they try to fool you by placing ads over the ‘Download Now’ button, and there are fair chances that you will click on that ad and end up downloading malicious software.

My last friendly suggestion in this regard will be to stop downloading p**n. Most of those sites bundle ransomware with the videos they provide for downloading.

Antivirus software is a must for every internet browser. And when I tell antivirus software, I don’t mean the Windows Defender shit that comes with your computer inbuilt.

Windows defender is just a basic software designed to protect you from some known malware only. It is not at all good option for long-term protection from new virus threats.

For that, you need to install a 3rd party antivirus software.

So, any 3rd party antivirus will protect you from ransomware?

The answer is ‘NO.’ Not all antivirus programs can protect you against ransomware.

And above that, you need an antivirus that can protect you against all other malware, and not just ransomware.

I will not give you a list of antivirus software, but I will give you only two names, one free and another paid software, which tops the chart for both general malware protection as well as ransomware.

Awareness is Important:

Remember, something you downloaded from the internet is still safe unless and until you open the file. So, even after you download some files, always make sure it is the right file you need to access. Then only open it.

Ransomware: What to do if I am attacked?

So, until now I was speaking of preventive measures for Ransomware Attacks.

But I know most of you won’t care these points until you face one yourself.

So, if you came here looking for ways to recover your PC which is under the control of ransomware, then I won’t disappoint you either. I just want to say, that your options are very very limited in what you can do.

Never pay the money

Don’t Fall for Ranscam:

Heard of Ranscam?

No?

Well, let me elaborate the term. Ranscam is when you pay money to the Ransomware owners but still don’t get back the access to your files.

Always remember, they hacked your computer for the sake of earning money. So, what makes you think that they will give you back the files after they get the sum of money?

For Encrypting Ransomware:

These are the most common types of ransomware, and there are more chances that the ransomware you got infected with is an encrypting ransomware.

Thanks to a lot of helpful developers on the internet, some ransomware-encrypted files decrypting software tools are available right now.

However, these tools will only work if your ransomware is an Encrypting Ransomware that won’t block access to your computer, just change the file type to encrypted type. It won’t work for Lockscreen or MBR Ransomware.

Well, note that the ransomware is developed by computer security experts, so they always keep updating to latest binaries. These decrypting software are updated with the latest binaries after the developers come to know of new developments.

So, the software can only decrypt ransomware encrypted files of some known algorithms. If you are under the control of a new and highly secured ransomware, this software won’t work.

Still, you can give them a try.

The names, download links, and instruction files to the software are provided below:

Use TrendMicro Lockscreen Ransomware Removal Tool:

Trendmicro has released a ransomware removal tool specially made for lock screen ransomware. Visit their website to view and download the tool.

So, your first step of removing the ransomware is done.

Now you need to see if your files are encrypted, and if so, decrypt your encrypted data.

Follow the recommended steps under the encryption ransomware section to decrypt them.

For MBR Ransomware:

Brace Yourselves! They are the worst kinds of ransomware available on the internet. They f**k up your computer along with your files.

What they do is modifying or deleting your boot record thus preventing your os from booting.

Sounds spooky?

Well, it is. Seriously, the last thing you want to be a victim of is an MBR Ransomware.

Just a random warning, if you are a torrent fan, and see a media file with an extension .exe in the downloaded torrent, then immediately delete it, don’t ever think of running them. They are ransomware.

Now coming to what you can do in case you are under attack.

You may cry, but unfortunately, nobody is going to listen. So, you need to take steps.

The bad news is you can’t get any part of your computer back. It is gone forever. That’s why we say keep backups repeatedly.

You need to wipe your hard disk completely, and as well as flush off your operating system, no part should be left out.

You will need the Windows installation CD to install the fresh version of windows.

Spyware Techie has an excellent article on how to remove the ransomware and freshly install your windows. Note that the article is written on Petya Ransomware, which is a highly dangerous MBR Ransomware, but the removal steps are same for every MBR Ransomware. You can read it here.

Use MBR Filter Software to prevent MBR Ransomware:

After you successfully remove MBR Ransomware and freshly install windows, don’t forget to install MBRFilter Software. It is a highly specialized software that keeps your MBR in read-only mode and thus preventing the ransomware from modifying your MBR in future. So, this software acts before the attack; it can’t protect you if you are already the victim.

Check out the details of MBR Filter and instructions for using the software along with the Download Link from here.

Last Words:

Thanks for reading this informative post on Ransomware and their removal techniques. I hope all your questions and confusions regarding ransomware are clear by now.

I have tried to answer all types of questions regarding ransomware in this single article.

Before ending my post, I want to remind you again; that awareness is the biggest quality necessary to stay safe from ransomware attacks.

BONUS: Use Sandbox for opening untrusted downloaded files:

Say you downloaded a file from an unknown source which you don’t trust. Still, you want to open that file, then use Sandbox to quarantine the file and open it in a confined space away from the rest of your computer’s files.

Sandbox is a paid upgrade available in Avast Antivirus. Upgrade your avast free subscription to Avast Internet Security and Avast Premier to get this Sandbox feature where you can isolate a file and open it.

This will shield you against bad ransomware as they can’t get into your system.

Mind Sharing the Article?

Don’t let your friends become the victim of ransomware again. Use the social share buttons to share this post with your friends on Facebook and Twitter.

Sharing does not cost money but can save a whole bunch of money to your friends.

Have any queries? Want to appreciate? Fire them up in the comments section below.

Unfortunate, my old PC was affected by Ransome. All my files got encrypted and I kinda lost them all. I have no hopes for getting them back though.

I’m taking precautions much better on my newer system, and I already started taking regular backups, you never know how you get attacked. Basically, the last time, I turned off my PC, and when I turned on my PC on the very next day, my wallpaper had changed with a message from the hackers, and also each folder had 3 files – 1 .html and 1 .pdf and another MS Word file which containing the same message, about paying $500 to unlock my files.

Well, I’m doing nothing with it, and all my files are gone for good. 🙁